I always had this issue with Google Sign In. I have an Android app that the user connects uses to authenticate with Google and then send the idToken to my server. The server uses the library provided by Google (GoogleIdTokenVerifier) to verify the token.
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
.setAudience(audience)
.setIssuer("https://accounts.google.com")
.build();
GoogleIdToken idToken = null;
try {
idToken = verifier.verify(idTokenString);
} catch (Exception e) {
e.printStackTrace();
}
if (idToken != null) {
GoogleIdToken.Payload payload = idToken.getPayload();
String userId = payload.getSubject();
System.out.println("User ID: " + userId);
String email = payload.getEmail();
System.out.println("Emaail:" + email);
return userId;
} else {
System.out.println("Invalid ID token.");
return null;
}
This worked for a while, then suddenly the validation started to always fail. Nothing has changed! Any ideas?
Check your server time, I had the same issue when I migrated to a new server. I solved the issue by setting the time zone using NTP.
If you are running over your localhost, check if your computers hour its correct, on the same timezone as the server.
I spent a complete day with this bug, getting null from the idToken sent to the client.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With